Life is a Roller Coaster

June 5, 2009

List of JUNOS books

Filed under: Sharing, Technical section — Tags: , , — adisubrata @ 11:14 PM

Here is the list of e-book that you can use to sharpen your knowledge. Please DO NOT ask me for the url links or anything like that.

Most of these books are contains Junos CLI hands-on material, you can use it to learn Junos. Some books are contains IP knowledges that you can use in the global IP design and not only to single vendor.

1. John Wiley and Sons MPLS Enabled Applications Emerging Developments and New Technologies. (June 2008)

ina.jpg

2. The Illustrated Network: How TCP/IP Works In A Modern Network (Walter Goralski 2008)

tcp.jpg

3. JUNOS For Dummies (Feb 2008)

dumm.jpg

4. OReilly JUNOS Cookbook (Apr 2006).

cb.gif

5. OReilly JUNOS Enterprise Routing (Mar 2008).

jes.jpg

6. Wiley,. Designing and Developing Scalable IP Networks (2004)

sin.jpg

7. Addison-Wesley, OSPF and IS-IS Choosing an IGP for Large-Scale Networks (2005)

ospfisis.jpg

8. Addison Wesley – Interdomain Multicast Routing – Practical Juniper Networks and Cisco Systems Solutions (Apr 2002)

multicast.jpg

9. Wiley,. Juniper and Cisco Routing – Policy and Protocols for Multivendor IP Networks (2002)

jc.jpg

9. The Complete ISIS Routing Protocols (May 2008)

isis.jpg

10. Sybex book for JNCIA, JNCIS, JNCIP and JNCIE <— free ebook.

11. Prentice Hall Broadband Network Architectures (May 2007) <– E-Series

bras.jpg

12. Exploring the Junos CLI <— free ebook

cli.jpg

13. Addison Wesley – Juniper Networks Reference Guide – JUNOS Routing, Configuration, and Architecture (Oct 2002).

refer.jpg

14. Juniper Networks Field Guide And Reference (Oct 2002).

field.jpg

Another good books

1. Deploying IP and MPLS QoS for Multiservice Networks: Theory & Practice (The Morgan Kaufmann Series in Networking) by John William Evans and Clarence Filsfils (Hardcover – Mar 23, 2007).
2. OSPF: Anatomy of an Internet Routing Protocol by John T. Moy (Paperback – Feb 12, 1998)
3. OSPF Complete Implementation (paperback) by John T. Moy (Paperback – Jun 22, 2008)
4. Internet Routing Architectures (2nd Edition) (Networking Technology) by Sam Halabi (Hardcover – Sep 2, 2000)

Some books is already old and contains old material.

Please update me if you have another good book to share :)

May 29, 2009

JNCIP-M exam

Filed under: Sharing, Technical section — Tags: , , — adisubrata @ 11:41 PM

In this post I would like to share about JNCIP-M exam (Many people asked me after I posted JNCIE exam in this blog). Of course, without breaking the NDA.

jncip-path.gif

Old Logo

jncip-m-old.gif

New Logo

jncip-new.jpg

JNCIP-M exam concern IGP and BGP topic in the network ISP environment, also basic Junos configuration such as interfaces, SNMP and login set. Sybex book is the best resource to start. No MPLS technology and its variance will be find in this test. You can find the description of this test in this link :

Quote from official website:

“The JNCIP-M certification is designed to validate the networking professional’s ability to configure and troubleshoot common routing scenarios. Throughout this 8-hour practical exam, candidates will build an ISP consisting of seven M-series routers and multiple EBGP neighbors. Successful candidates will perform system configuration on all seven routers, install an IGP, a well-designed IBGP, establish connections with all EBGP neighbors as specified, and correctly configure the required routing policies. Passing the JNCIP-M exam is a requirement for attempting the JNCIE-M practical exam”.

Since this test is concern to IGP and BGP, you have to know IGP protocols such as ISIS and OSPF and BGP (RR and confederation) in details. For the example, No LSA type 5 in OSPF NSSA area, and no LSA type 7 in backbone area 0.0.0.0. ABR will do translation from LSA type 7 to type 5.

Below is the list of point before you take this exam:

1. Typing skill is needed. It would be good if you can exercise with another keyboard type.

2. Pay attention on basic configuration at the first time.

3. All interface must be up and running as expected in the test scenario. I don’t think you will pass if one interface down.

4. Try to make best configuration in each scenario before you are moving into the next scenario. If you still have a remaining time, you can recheck what you have configured, but at this case I recommend you to do one time configuration which is the best.

5. If you get stuck with a question, please understand the idea behind a question. If you still don’t have an idea, move to another question before time run out.

6. If you do not know exactly the question, ask the proctor to clarify. Do not make any assumption !!!

7. Prepare ALL material carefully and make sure that you are ready before the exam. Do not only concern on single topic, I.E you concern on OSPF but leave ISIS topic behind you.

8. Pay attention on BGP and routing policy :)

9. This is not really important, but for me I registered the exam after finishing all topic and ready for the exam. Register the exam after you are ready :)

10. If you finished the exam, try to calculate your score.

11. Understand and know every single topic in BGP, OSPF and all material. Sybex is the best book.

Those points above only give you general tips, but I hope it will useful for you all.

May 27, 2009

When you need to upgrade your software?

Filed under: Sharing, Technical section — adisubrata @ 10:13 PM

My people asking me when they want to upgrade their Junos. Do I need to upgrade to the latest release? That’s very common question asking by many customers.

Personally (this is only in my mind), I’m a kind of person who do not like to upgrade the software. Especially in the big ISP environment when dealing with more than 100 routers.

Software upgrade in Junos is very simple things, you only needs to transfer your file via FTP, and do remote upgrade for just a couple of days. However, I will not recommend software upgrades unless you really needs some features which is maybe only supported in the next release.

Below is the list of what I usually consider before making recommendation for software upgrades.

1. You hit a bugs and has fixed in latest (maybe latest) version.

What can you do if you hit a bugs ? hehe… Nothing perfect in this world.

2. New hardware only supported in the specific software version.

In this case, there is no other choice rather than using supported software to these new hardware (i.e new module, interface card, etc).

3. You need new features that only available in the next release.

Network standards and RFC growth very fast. New technology standard will only supported in the latest release since the RFC is still new. You have no choice rather than using latest release. For the example (today) is ethernet-oam, nonstop-routing, etc.

4. Better software architectures.

Each release of software probably has unique architectures. Latest software somehow has better architectures than the previous one. For instance, memory distribution, mpls code, bgp code etc. You can take an advantages using latest release.

5. Software has reached EOL for a long time.

Btw, this is just my personal opinion and not represent any organization or company.

If you have another opinion, please let me know :)

Let’s make a better world.

March 1, 2009

IPv6 – 6PE

Filed under: Technical section — Tags: — adisubrata @ 4:00 AM

At this post I will try and explain IPv6 over IPv4 island connectivity. You can download the complete configuration at the end of this post.

There are some choices that can be used to connecting IPv6 customer over IPv4 network. Tunnel is one of available choice. Both IPIP tunnel and MPLS tunnel can be used here. Both LDP LSP or RSVP LSP able to deliver IPv6 6PR. However in this post I will use MPLS RSVP tunnel. ISP can use both 6PE or vpnv6.

6PE will be used here.

I use logical router to simulate network in this test.

CE1 and CE2 is IPv6 customer. They connected to ISP which use MPLS in the backbone.

Ce1 connected to PE1 and CE2 connected to PE2. Pe1 and PE2 uses 6PE BGP session.

Two PEs have MP-BGP session to exchange IPv6 routes with AFI IPv6 “value 2″.

Diagram

<--ipv6 (AS1000)-> <---------ipv4 AS(3000)-------> <--ipv6 (AS2000)->
+-----+        +-----+         +-----+         +-----+       +-----+
| ce1 |--------| pe1 |---------|  p  |---------| pe2 |-------| ce2 |
+-----+        +-----+         +-----+         +-----+       +-----+
     10::1/126     192.168.0.0/30   192.168.0.4/30    11::0/126
Loopback address:
ce1: 98::1/128
ce2: 99::1/128
pe1: 1.1.1.1/32
pe2: 2.2.2.2/32
p: 10.10.10.10/32

ce1 advertised 98::1/128 to pe1.

ce2 advertised 99::1/128 to pe2.

Objective:

The objective of this test is connecting CE1 and CE2 IPV6.

Config Clue

1. IPv6 BGP router ID

As mentioned in the RFC 2544, in the IPv6 network (only IPv6), BGP router id need to be specified 32 bit. OPEN message  need to be add on both CEs router.

Quote from RFC 2544:

  "Note that the information referred above is distinct from the BGP
   Identifier used in the BGP-4 tie breaking procedure. The BGP
   Identifier is a 32 bit unsigned integer exchanged between two peers
   at session establishment time, within an OPEN message. This is a
   system wide value determined at startup which must be unique in the
   network and should be derived from an IPv4 address regardless of the
   network protocol(s) a particular BGP-4 instance is configured to
   convey at a given moment."

If you are not configure router ID on CE router, OPEN message will fail.  BGP session cannot established. Debug will show why IPv6 BGP session failed when CE router have no router id.

Mar  1 08:57:35  prime pe2: rpd[3251]: bgp_get_open: NOTIFICATION sent to 11::2+4597 (proto): 
code 2 (Open Message Error) subcode 3 (bad BGP ID), Reason: peer 11::2+4597 (proto): 
invalid BGP identifier 0x0

(CE sent OPEN message with 0.0.0.0 as an ID).

2. Explicit null must be configured on labeled unicast family inet6. By default Junos always advertised ipv6 route with label value 2. This label value 2 use as inner label while LSP label use as a outer label.

Example:

enugadi@prime# run show route 99::1/128 logical-router pe1 detail 

inet6.0: 7 destinations, 8 routes (7 active, 0 holddown, 0 hidden)
99::1/128 (1 entry, 1 announced)

        *BGP    Preference: 170/-101
                Next hop type: Indirect
                Next-hop reference count: 3
                Source: 2.2.2.2
                Next hop type: Router, Next hop index: 591
                Next hop: 192.168.0.2 via fe-1/3/0.1 weight 0x1, selected
                Label-switched-path pe1-to-pe2
                Label operation: Push 2, Push 100016(top)
                Protocol next hop: ::ffff:2.2.2.2
                Push 2
                Indirect next hop: 89d9000 131070
                State: <Active Int Ext>
                Local AS:  3000 Peer AS:  3000
                Age: 33         Metric2: 2 
                Task: BGP_3000.2.2.2.2+2027
                Announcement bits (3): 0-KRT 1-BGP RT Background 2-Resolve tree 1 
                AS path: 2000 I
                Route Label: 2
                Localpref: 100
                Router ID: 2.2.2.2

3. PE interface core facing interface MUST be configured with family inet6. This is used for IPv6 received packet verification.

4. You have to configured ipv6-tunneling on protocol MPLS stanza. This rule is applied both LDP or RSVP signaling.

Configuration

Ipv6 Configuration on PE1

enugadi@prime# show logical-routers pe1 interfaces
fe-1/3/0 {
    unit 1 {
        vlan-id 1;
        family inet {
            address 192.168.0.1/30;
        }
        family inet6;
        family mpls;
    }
}
fe-1/3/1 {
    unit 3 {
        description "PE1 to CE1 IPV6 Customer";
        vlan-id 3;
        family inet6 {
            address 10::2/126;
        }
    }
}
lo0 {
    unit 1 {
        family inet {
            address 1.1.1.1/32;
        }
    }
}

enugadi@prime# show logical-routers pe1 protocols bgp
group ibgp {
    type internal;
    local-address 1.1.1.1;
    family inet6 {
        labeled-unicast {
            explicit-null;
        }
    }
    neighbor 2.2.2.2;
}
group ipv6 {
    family inet6 {
        unicast;
    }
    neighbor 10::1 {
        peer-as 1000;
    }
}

enugadi@prime# show logical-routers pe1 protocols mpls
ipv6-tunneling;
label-switched-path pe1-to-pe2 {
    to 2.2.2.2;
}
interface fe-1/3/0.1;

Configuration on PE2

enugadi@prime# show logical-routers pe2 interfaces
fe-1/3/0 {
    unit 4 {
        vlan-id 4;
        family inet6 {
            address 11::1/126;
        }
    }
}
fe-1/3/1 {
    unit 2 {
        vlan-id 2;
        family inet {
            address 192.168.0.6/30;
        }
        family inet6;
        family mpls;
    }
}
lo0 {
    unit 2 {
        family inet {
            address 2.2.2.2/32;
        }
    }
}
[edit]

enugadi@prime# show logical-routers pe2 protocols mpls
ipv6-tunneling;
label-switched-path pe2-to-pe1 {
    to 1.1.1.1;
}
interface fe-1/3/1.2;

[edit]
enugadi@prime# show logical-routers pe2 protocols bgp
group ipv6 {
    traceoptions {
        file debug-ipv6;
        flag all detail;
    }
    neighbor 11::2 {
        peer-as 2000;
    }
}
group ibgp {
    type internal;
    local-address 2.2.2.2;
    family inet6 {
        labeled-unicast {
            explicit-null;
        }
    }
    neighbor 1.1.1.1;
}

Network Verification

enugadi@prime# run show ospf neighbor logical-router p
Address          Interface              State     ID               Pri  Dead
192.168.0.6      fe-1/3/0.2                 Full      2.2.2.2          128    33
192.168.0.1      fe-1/3/1.1                 Full      1.1.1.1          128    33
[edit]

enugadi@prime# run show ospf neighbor logical-router pe1
Address          Interface              State     ID               Pri  Dead
192.168.0.2      fe-1/3/0.1                 Full      10.10.10.10      128    34
[edit]

enugadi@prime# run show ospf neighbor logical-router pe2
Address          Interface              State     ID               Pri  Dead
192.168.0.5      fe-1/3/1.2                 Full      10.10.10.10      128    38

enugadi@prime# run show mpls lsp logical-router pe2
Ingress LSP: 1 sessions
To              From            State Rt ActivePath       P     LSPname
1.1.1.1         2.2.2.2         Up     0                  *     pe2-to-pe1
Total 1 displayed, Up 1, Down 0
Egress LSP: 1 sessions
To              From            State   Rt Style Labelin Labelout LSPname
2.2.2.2         1.1.1.1         Up       0  1 FF       3        - pe1-to-pe2
Total 1 displayed, Up 1, Down 0
Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

enugadi@prime# run show bgp summary logical-router pe1
Groups: 2 Peers: 2 Down peers: 0
Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
inet.0                 0          0          0          0          0          0
inet6.0                2          2          0          0          0          0
Peer               AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Damped...
10::1            1000         73         73       0       0       31:50 Establ
  inet6.0: 1/1/0
2.2.2.2          3000         55         57       0       0       24:27 Establ
  inet6.0: 1/1/0

[edit]
enugadi@prime# run show bgp summary logical-router pe2
Groups: 2 Peers: 2 Down peers: 0
Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
inet6.0                2          2          0          0          0          0
inet.0                 0          0          0          0          0          0
Peer               AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Damped...
11::2            2000         84        137       0       1       32:19 Establ
  inet6.0: 1/1/0
1.1.1.1          3000         55         57       0       0       24:28 Establ
  inet6.0: 1/1/0

enugadi@prime# run show route logical-router ce1
inet6.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10::/126           *[Direct/0] 01:16:21
                    > via fe-1/3/0.3
10::1/128          *[Local/0] 01:16:21
                      Local via fe-1/3/0.3
98::1/128          *[Direct/0] 01:16:21
                    > via lo0.50
99::1/128          *[BGP/170] 00:24:49, localpref 100
                      AS path: 3000 2000 I
                    > to 10::2 via fe-1/3/0.3
fe80::/64          *[Direct/0] 01:16:21
                    > via fe-1/3/0.3
fe80::206:2900:3af:b362/128
                   *[Local/0] 01:16:21
                      Local via fe-1/3/0.3
fe80::208:c7ff:fe79:1d02/128
                   *[Direct/0] 01:16:21
                    > via lo0.50
enugadi@prime# run show route logical-router ce2
inet6.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
11::/126           *[Direct/0] 01:16:22
                    > via fe-1/3/1.4
11::2/128          *[Local/0] 01:16:22
                      Local via fe-1/3/1.4
98::1/128          *[BGP/170] 00:06:14, localpref 100
                      AS path: 3000 1000 I
                    > to 11::1 via fe-1/3/1.4
99::1/128          *[Direct/0] 01:16:22
                    > via lo0.51
fe80::/64          *[Direct/0] 01:16:22
                    > via fe-1/3/1.4
fe80::200:200:400:4/128
                   *[Local/0] 01:16:22
                      Local via fe-1/3/1.4
fe80::208:c7ff:fe79:1d02/128
                   *[Direct/0] 01:16:22
                    > via lo0.51

IPv6 Verification

enugadi@prime# run ping inet6 98::1 logical-router ce2 source 99::1 rapid count 100 
PING6(56=40+8+8 bytes) 99::1 --> 98::1
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
--- 98::1 ping6 statistics ---
100 packets transmitted, 100 packets received, 0% packet loss
round-trip min/avg/max/std-dev = 0.419/0.428/0.497/0.010 ms

enugadi@prime# run ping inet6 99::1 logical-router ce1 source 98::1 rapid count 100    
PING6(56=40+8+8 bytes) 98::1 --> 99::1
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
--- 99::1 ping6 statistics ---
100 packets transmitted, 100 packets received, 0% packet loss
round-trip min/avg/max/std-dev = 0.408/0.427/0.503/0.009 ms

You can download logical router configuration here.
Please drop me an email or comment if you have a questions.

October 7, 2008

Traffic Protection on MPLS (RSVP)

Filed under: Technical section — Tags: , — adisubrata @ 8:14 AM

In this post I would like to share traffic protection mechanism that you can use to protect your traffic during link flaps. There are some protection mechanism to guard RSVP LSP session between Ingress and Egress node. You should considering all technical aspects before you start to designing your network and choose which mechanism fit to your network scalability as your network will growth, operational prespective and interoperability between each vendors. Basically LDP is able to protects the traffic from error link or node. It takes more time to convergence when there are link flaps or node problem on the network, LDP rely on OSPF as an IGP and follow the best-path to destination FEC.  Many ISP using RSVP to protects the production traffic expecially for critical voice or high priority traffics. Traffic protection is one advantage from RSVP beside capability of TE, resource reservation and more…

Let’s back to the main topic….

1. Fast reroute

Fast reroute is mechanism to protect the packet to another link/node in the network. FRR compute detours on the LSP’s downstream and upstream. It can protects all node along the LSP with exception Ingress and  Egress node. Detours is automatically compute using CSPF algorithm and TED database. The configuration is simplest compare to link-protection and node-link-protection mechanism. Only ingress router need to be configured to makes detours computation along the LSP. FRR is “one to one” LSP protection. FRR creates separate detours for each LSPs. Since FRR is “one to one” protection, you should aware that you will having more LSPs session on the transit routers. FRR detour is propietry tech.

2. Link-protection.

Link protection is the mechanism to protect specific interface and absolutely having different concepts to FRR. Link protection will generates Bypass LSP to protect specific interfaces. You need to configure link protection on Ingress router and LSR router. Link-protection also make use of a CSPF algorithm and TED database.

3. Node Link-protection.

This one is similar to Link-protection mechanism, BUT you will able protect node failure which link-protection cannot do it. It is also rely on TED and CSPF algorithm.

To simplify the diagram, I will use diagram from Sybex JNCIE book’s diagram. I have setup MPLS/OSPF network with logical routers inside single M7i router. Beloh is the basic diagram captured from JNCIE Book (Thanks Harry):

Basic Diagram

Basic Diagram

The routers used for this post are r1, r2, r3, r4, r5, r6, and r7.

enugadi@M7i# show logical-routers ?
Possible completions:
  <[Enter]>            Execute this command
  <name>               Logical router name
  r1                   Logical router name
  r2                   Logical router name
  r3                   Logical router name
  r4                   Logical router name
  r5                   Logical router name
  r6                   Logical router name
  r7                   Logical router name
  |                    Pipe through a command

LSP Configuration

The MPLS LSP configured isr1 (10.0.6.1) to r7 (10.0.9.7) using CSPF with admin-groups blue.

The LSP path is r1-r3-r6-r5-r7

enugadi@M7i# show logical-routers r1 protocols mpls
traffic-engineering bgp-igp; <- Make use LSP for IGP.
admin-groups {
    blue 20;
    red 21;
    yellow 22;
}
label-switched-path r1-r7 {
    to 10.0.9.7;
    bandwidth 20m;
    primary aho {
        admin-group include-any blue;
    }
}
path aho;
interface fe-1/3/0.1 {
    admin-group blue;
}
interface fe-1/3/0.2 {
    admin-group yellow;
}
interface fe-1/3/0.3 {
    admin-group red;
}

LSP verification:

enugadi@M7i# run show mpls lsp logical-router r1
Ingress LSP: 1 sessions
To              From            State Rt ActivePath       P     LSPname
10.0.9.7        10.0.6.1        Up     1 aho              *     r1-r7
Total 1 displayed, Up 1, Down 0

Path Verification:

enugadi@M7i# run show mpls lsp logical-router r1 extensive
Ingress LSP: 1 sessions

10.0.9.7
  From: 10.0.6.1, State: Up, ActiveRoute: 1, LSPname: r1-r7
  ActivePath: aho (primary)
  LoadBalance: Random
  Encoding type: Packet, Switching type: Packet, GPID: IPv4
 *Primary   aho              State: Up
    Bandwidth: 20Mbps
    SmartOptimizeTimer: 180
          Include Any: blue
    Computed ERO (S [L] denotes strict [loose] hops): (CSPF metric: 400)
 10.0.4.13 S 10.0.2.13 S 10.0.8.6 S 10.0.8.10 S
    Received RRO (ProtectionFlag 1=Available 2=InUse 4=B/W 8=Node 10=SoftPreempt):
          10.0.4.13 10.0.2.13 10.0.8.6 10.0.8.10
    6 Oct  7 10:22:39.241 CSPF: computation result accepted  10.0.4.13 10.0.2.13 10.0.8.6 10.0.8.10
    5 Oct  7 10:01:04.814 Selected as active path
    4 Oct  7 10:01:04.814 Record Route:  10.0.4.13 10.0.2.13 10.0.8.6 10.0.8.10
    3 Oct  7 10:01:04.812 Up
    2 Oct  7 10:01:04.753 Originate Call
    1 Oct  7 10:01:04.753 CSPF: computation result accepted  10.0.4.13 10.0.2.13 10.0.8.6 10.0.8.10
  Created: Tue Oct  7 10:01:04 2008
Total 1 displayed, Up 1, Down 0

Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

As expected, the LSP setup from r1 to r7 is through follow r3 (10.0.4.13), r6 (10.0.2.13), r5 (10.0.8.6) and r7 (10.0.8.10).

Traffic verification from r1 to r7 is tunneled over the LSP.

enugadi@M7i# run show mpls lsp statistics logical-router r1
Ingress LSP: 1 sessions
To              From            State     Packets            Bytes LSPname
10.0.9.7        10.0.6.1        Up              0                0 r1-r7
Total 1 displayed, Up 1, Down 0

Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

[edit]
enugadi@M7i# run ping 10.0.9.7 logical-router r1 rapid count 1000                     
PING 10.0.9.7 (10.0.9.7): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -- snipped
1000 packets transmitted, 1000 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.920/1.148/11.052/1.379 ms

[edit]
enugadi@M7i# run show mpls lsp statistics logical-router r1
Ingress LSP: 1 sessions
To              From            State     Packets            Bytes LSPname
10.0.9.7        10.0.6.1        Up           1000            84000 r1-r7
Total 1 displayed, Up 1, Down 0

Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

enugadi@M7i# run traceroute 10.0.9.7 logical-router r1
traceroute to 10.0.9.7 (10.0.9.7), 30 hops max, 40 byte packets
 1  10.0.4.13 (10.0.4.13)  0.987 ms  0.929 ms  0.899 ms
     MPLS Label=101008 CoS=0 TTL=1 S=1
 2  10.0.2.13 (10.0.2.13)  0.959 ms  0.965 ms  0.935 ms
     MPLS Label=100064 CoS=0 TTL=1 S=1
 3  10.0.8.6 (10.0.8.6)  0.961 ms  0.988 ms  0.991 ms
     MPLS Label=101328 CoS=0 TTL=1 S=1
 4  10.0.9.7 (10.0.9.7)  0.925 ms  0.948 ms  0.910 ms

Yes,  as expected, 1000 icmp packet from r1 to r7 flows over the LSP as indicated on the traffic statistic and so we can move to the next step.

1. Fast Reroute:

Basic Configuration:

enugadi@M7i# set logical-routers r1 protocols mpls label-switched-path r1-r7 fast-reroute no-include-any;

enugadi@M7i# show logical-routers r1 protocols mpls label-switched-path r1-r7
to 10.0.9.7;
bandwidth 20m;
fast-reroute {
    no-include-any;
}
primary aho {
    admin-group include-any blue;
}

FRR verification on r1:

enugadi@M7i# run show mpls lsp logical-router r1 extensive
Ingress LSP: 1 sessions

10.0.9.7
  From: 10.0.6.1, State: Up, ActiveRoute: 1, LSPname: r1-r7
  ActivePath: aho (primary)
  FastReroute desired
  LoadBalance: Random
  Encoding type: Packet, Switching type: Packet, GPID: IPv4
 *Primary   aho              State: Up
    Bandwidth: 20Mbps
    SmartOptimizeTimer: 180
          Include Any: blue
    Computed ERO (S [L] denotes strict [loose] hops): (CSPF metric: 400)
 10.0.4.13 S 10.0.2.13 S 10.0.8.6 S 10.0.8.10 S
    Received RRO (ProtectionFlag 1=Available 2=InUse 4=B/W 8=Node 10=SoftPreempt):
          10.0.4.13(flag=9) 10.0.2.13(flag=9) 10.0.8.6(flag=1) 10.0.8.10
   25 Oct  7 10:36:59.175 Fast-reroute Detour Up
   24 Oct  7 10:36:08.265 Record Route:  10.0.4.13(flag=9) 10.0.2.13(flag=9) 10.0.8.6(flag=1) 10.0.8.10
   23 Oct  7 10:36:08.229 Record Route:  10.0.4.13(flag=9) 10.0.2.13(flag=9) 10.0.8.6 10.0.8.10
   22 Oct  7 10:36:08.158 Record Route:  10.0.4.13(flag=9) 10.0.2.13 10.0.8.6 10.0.8.10
   21 Oct  7 10:36:05.193 Record Route:  10.0.4.13 10.0.2.13 10.0.8.6 10.0.8.10
   20 Oct  7 10:36:05.193 Up
   19 Oct  7 10:36:05.138 Originate make-before-break call
   18 Oct  7 10:36:05.138 CSPF: computation result accepted  10.0.4.13 10.0.2.13 10.0.8.6 10.0.8.10
   17 Oct  7 10:33:28.164 Record Route:  10.0.4.13 10.0.2.13 10.0.8.6 10.0.8.10
   16 Oct  7 10:33:28.164 Up
   15 Oct  7 10:33:28.096 Originate make-before-break call
   14 Oct  7 10:33:28.096 CSPF: computation result accepted  10.0.4.13 10.0.2.13 10.0.8.6 10.0.8.10
   13 Oct  7 10:31:04.711 Selected as active path
   12 Oct  7 10:31:04.711 Record Route:  10.0.4.13 10.0.2.13 10.0.8.6 10.0.8.10
   11 Oct  7 10:31:04.710 Up
   10 Oct  7 10:31:04.623 Originate Call
    9 Oct  7 10:31:04.623 CSPF: computation result accepted  10.0.4.13 10.0.2.13 10.0.8.6 10.0.8.10
    8 Oct  7 10:31:04.615 Clear Call
    7 Oct  7 10:31:04.613 Deselected as active
    6 Oct  7 10:22:39.241 CSPF: computation result accepted  10.0.4.13 10.0.2.13 10.0.8.6 10.0.8.10
    5 Oct  7 10:01:04.814 Selected as active path
    4 Oct  7 10:01:04.814 Record Route:  10.0.4.13 10.0.2.13 10.0.8.6 10.0.8.10
    3 Oct  7 10:01:04.812 Up
    2 Oct  7 10:01:04.753 Originate Call
    1 Oct  7 10:01:04.753 CSPF: computation result accepted  10.0.4.13 10.0.2.13 10.0.8.6 10.0.8.10
  Created: Tue Oct  7 10:01:04 2008
Total 1 displayed, Up 1, Down 0

Detour Verification on R3:

enugadi@M7i# run show mpls lsp logical-router r3 extensive
Ingress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Transit LSP: 2 sessions

10.0.9.7 <-- this is coming back from r6. Actually we will not use this detour.
  From: 10.0.6.1, LSPstate: Up, ActiveRoute: 1
  LSPname: r1-r7, LSPpath: Primary
---- snipped -----

10.0.9.7
  From: 10.0.6.1, LSPstate: Up, ActiveRoute: 1
  LSPname: r1-r7, LSPpath: Primary
  Suggested label received: -, Suggested label sent: -
  Recovery label received: -, Recovery label sent: 100064
  Resv style: 1 FF, Label in: 101008, Label out: 100064
  Time left:  123, Since: Tue Oct  7 10:36:05 2008
  Tspec: rate 20Mbps size 20Mbps peak Infbps m 20 M 1500
  Port number: sender 4 receiver 30266 protocol 0
  FastReroute desired
  PATH rcvfrom: 10.0.4.14 (fe-1/3/1.1) 24 pkts
  Adspec: received MTU 1500 sent MTU 1500
  PATH sentto: 10.0.2.13 (fe-1/3/0.9) 21 pkts
  RESV rcvfrom: 10.0.2.13 (fe-1/3/0.9) 20 pkts
  Explct route: 10.0.2.13 10.0.8.6 10.0.8.10
  Record route: 10.0.4.14 <self> 10.0.2.13 10.0.8.6 10.0.8.10  
    Detour is Up
    Detour Tspec: rate 0bps size 0bps peak Infbps m 20 M 1500
    Detour adspec: received MTU 1500 sent MTU 1500
    Path MTU: received 1500
    Detour PATH sentto: 10.0.2.1 (fe-1/3/0.7) 19 pkts
    Detour RESV rcvfrom: 10.0.2.1 (fe-1/3/0.7) 18 pkts
    Detour Explct route: 10.0.2.1 10.0.8.10
    Detour Record route: 10.0.4.14 <self> 10.0.2.1 10.0.8.10  
    Detour Label out: 101344
Total 2 displayed, Up 2, Down 0

Detour verification on r5:

enugadi@M7i# run show mpls lsp logical-router r5 extensive
Ingress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Transit LSP: 1 sessions, 1 detours

10.0.9.7
  From: 10.0.6.1, LSPstate: Up, ActiveRoute: 1
  LSPname: r1-r7, LSPpath: Primary
  Suggested label received: -, Suggested label sent: -
  Recovery label received: 101328, Recovery label sent: 3
  Resv style: 1 FF, Label in: 101328, Label out: 3
  Time left:  124, Since: Tue Oct  7 10:36:05 2008
  Tspec: rate 20Mbps size 20Mbps peak Infbps m 20 M 1500
  Port number: sender 4 receiver 30266 protocol 0
  FastReroute desired
  PATH rcvfrom: 10.0.8.5 (fe-1/3/0.15) 29 pkts
  Adspec: received MTU 1500 sent MTU 1500
  PATH sentto: 10.0.8.10 (fe-1/3/0.16) 29 pkts
  RESV rcvfrom: 10.0.8.10 (fe-1/3/0.16) 28 pkts
  Explct route: 10.0.8.10
  Record route: 10.0.4.14 10.0.2.14 10.0.8.5 <self> 10.0.8.10
    Detour is Up (r5 also create detour to protects link fail between r5 and r7)
    Detour Tspec: rate 0bps size 0bps peak Infbps m 20 M 1500
    Detour adspec: received MTU 1500 sent MTU 1500
    Path MTU: received 1500
    Detour PATH sentto: 10.0.2.10 (fe-1/3/1.8) 27 pkts
    Detour RESV rcvfrom: 10.0.2.10 (fe-1/3/1.8) 26 pkts
    Detour Explct route: 10.0.2.10 10.0.2.17
    Detour Record route: 10.0.4.14 10.0.2.14 10.0.8.5 <self> 10.0.2.10 10.0.2.17
    Detour Label out: 101440
  Detour branch from 10.0.2.2, to skip 10.0.9.6, Up
    Tspec: rate 0bps size 0bps peak Infbps m 20 M 1500
    Adspec: received MTU 1500
    Path MTU: received 0
    PATH rcvfrom: 10.0.2.2 (fe-1/3/1.7) 27 pkts
    Adspec: received MTU 1500
    PATH sentto: 10.0.8.10 (fe-1/3/0.16) 0 pkts
    RESV rcvfrom: 10.0.8.10 (fe-1/3/0.16) 0 pkts
    Explct route: 10.0.8.10
    Record route: 10.0.4.14 10.0.2.2 <self> 10.0.8.10  
    Label in: 101344, Label out: 3
Total 1 displayed, Up 1, Down 0

Verify traffic flows on r1 before r6 down:

enugadi@M7i# run traceroute 10.0.9.7 logical-router r1
traceroute to 10.0.9.7 (10.0.9.7), 30 hops max, 40 byte packets
 1  10.0.4.13 (10.0.4.13)  0.987 ms  0.929 ms  0.899 ms
     MPLS Label=101008 CoS=0 TTL=1 S=1
 2  10.0.2.13 (10.0.2.13)  0.959 ms  0.965 ms  0.935 ms
     MPLS Label=100064 CoS=0 TTL=1 S=1
 3  10.0.8.6 (10.0.8.6)  0.961 ms  0.988 ms  0.991 ms
     MPLS Label=101328 CoS=0 TTL=1 S=1
 4  10.0.9.7 (10.0.9.7)  0.925 ms  0.948 ms  0.910 ms
enugadi@M7i# run clear mpls lsp statistics logical-router r1 

[edit]
enugadi@M7i# run ping 10.0.9.7 logical-router r1 rapid count 1000
PING 10.0.9.7 (10.0.9.7): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! --- snipped ----
1000 packets transmitted, 1000 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.920/1.047/11.014/0.971 ms

[edit]
enugadi@M7i# run show mpls lsp statistics logical-router r1
Ingress LSP: 1 sessions
To              From            State     Packets            Bytes LSPname
10.0.9.7        10.0.6.1        Up           1000            84000 r1-r7
Total 1 displayed, Up 1, Down 0

Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Lets make the router r6 down to simulate the FRR:

enugadi@M7i# deactivate logical-routers r6 

[edit]
enugadi@M7i# commit
commit complete

[edit]
enugadi@M7i# run ping 10.0.9.7 logical-router r1 rapid count 1000
PING 10.0.9.7 (10.0.9.7): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - snipped -
--- 10.0.9.7 ping statistics ---
1000 packets transmitted, 1000 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.894/1.062/43.530/1.653 ms

[edit]
enugadi@M7i# run traceroute 10.0.9.7 logical-router r1
traceroute to 10.0.9.7 (10.0.9.7), 30 hops max, 40 byte packets
 1  10.0.4.13 (10.0.4.13)  1.020 ms  0.939 ms  0.882 ms
     MPLS Label=101008 CoS=0 TTL=1 S=1
 2  10.0.2.1 (10.0.2.1)  0.938 ms  10.568 ms  0.955 ms
     MPLS Label=101344 CoS=0 TTL=1 S=1
 3  10.0.9.7 (10.0.9.7)  0.894 ms  0.928 ms  0.910 ms

Yes, traffics flow through r1-r3-r5-r7 as expected :)

enugadi@M7i# run clear mpls lsp statistics logical-router r1 

[edit]
enugadi@M7i# run ping 10.0.9.7 logical-router r1 rapid count 1000
PING 10.0.9.7 (10.0.9.7): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - snipped -
--- 10.0.9.7 ping statistics ---
1000 packets transmitted, 1000 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.893/1.012/10.561/0.960 ms

[edit]
enugadi@M7i# run show mpls lsp statistics logical-router r1
Ingress LSP: 1 sessions
To              From            State     Packets            Bytes LSPname
10.0.9.7        10.0.6.1        Up           1000            84000 r1-r7
Total 1 displayed, Up 1, Down 0

Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Lets look on the router r1:

(Traffic still flowing from r1 to r7 even r6 is down and CSPF computation fail detected on r1).

enugadi@M7i# run show mpls lsp logical-router r1 extensive
Ingress LSP: 1 sessions
  From: 10.0.6.1, State: Up, ActiveRoute: 1, LSPname: r1-r7
  ActivePath: aho (primary)
  FastReroute desired
  LoadBalance: Random
  Encoding type: Packet, Switching type: Packet, GPID: IPv4
 *Primary   aho              State: Up
    Bandwidth: 20Mbps
    SmartOptimizeTimer: 180
          Include Any: blue
    Computed ERO (S [L] denotes strict [loose] hops): (CSPF metric: 400)
 10.0.4.13 S 10.0.2.13 S 10.0.8.6 S 10.0.8.10 S
    Received RRO (ProtectionFlag 1=Available 2=InUse 4=B/W 8=Node 10=SoftPreempt):
          10.0.4.13(flag=0xb) 10.0.2.1 10.0.8.10
   34 Oct  7 11:10:27.571 CSPF failed: no route toward 10.0.9.7
   33 Oct  7 11:10:27.570 CSPF: link down/deleted: 10.0.8.5(10.0.9.6:0)(10.0.9.6)->0.0.0.0(10.0.8.6:0)(10.0.8.6)
   32 Oct  7 11:10:26.755 CSPF failed: no route toward 10.0.9.7[18 times]
   31 Oct  7 11:00:39.256 CSPF: link down/deleted: 0.0.0.0(10.0.8.6:0)(10.0.8.6)->0.0.0.0(10.0.3.5:0)(10.0.3.5)
   30 Oct  7 11:00:39.015 CSPF: link down/deleted: 0.0.0.0(10.0.2.14:0)(10.0.2.14)->0.0.0.0(10.0.9.6:0)(10.0.9.6)
- sniped -

Lets look more inside the router r3:

enugadi@M7i# run show mpls lsp logical-router r3 extensive
Ingress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Transit LSP: 2 sessions

10.0.9.7
  From: 10.0.6.1, LSPstate: Up, ActiveRoute: 1
  LSPname: r1-r7, LSPpath: Primary
  Suggested label received: -, Suggested label sent: -
  Recovery label received: -, Recovery label sent: -
  Resv style: 0 -, Label in: 101008, Label out: -
  Time left:  151, Since: Tue Oct  7 10:36:05 2008
  Tspec: rate 20Mbps size 20Mbps peak Infbps m 20 M 1500
  Port number: sender 4 receiver 30266 protocol 0
  FastReroute desired
  PATH rcvfrom: 10.0.4.14 (fe-1/3/1.1) 47 pkts
  Adspec: received MTU 1500 sent MTU 1500
  PATH sentto: 10.0.2.13 (fe-1/3/0.9) 44 pkts
  Explct route: 10.0.2.13 10.0.8.6 10.0.8.10 
  Record route: 10.0.4.14 <self> ...incomplete
    Detour is Up
    Detour Tspec: rate 0bps size 0bps peak Infbps m 20 M 1500
    Detour adspec: received MTU 1500 sent MTU 1500
    Path MTU: received 1500
    Detour PATH sentto: 10.0.2.1 (fe-1/3/0.7) 42 pkts
    Detour RESV rcvfrom: 10.0.2.1 (fe-1/3/0.7) 39 pkts
    Detour Explct route: 10.0.2.1 10.0.8.10 
    Detour Record route: 10.0.4.14 <self> 10.0.2.1 10.0.8.10  
    Detour Label out: 101344

10.0.9.7
  From: 10.0.6.1, LSPstate: Dn, ActiveRoute: 0
  LSPname: r1-r7, LSPpath: Primary
  Suggested label received: -, Suggested label sent: -
  Recovery label received: -, Recovery label sent: -
  Resv style: 0 -, Label in: -, Label out: -
  Time left:  151, Since: Tue Oct  7 11:00:28 2008
  Tspec: rate 20Mbps size 20Mbps peak Infbps m 20 M 1500
  Port number: sender 5 receiver 30266 protocol 0
  FastReroute desired
  PATH rcvfrom: 10.0.4.14 (fe-1/3/1.1) 3 pkts
  Adspec: received MTU 1500 sent MTU 1500
  PATH sentto: 10.0.2.13 (fe-1/3/0.9) 3 pkts
  Explct route: 10.0.2.13 10.0.8.6 10.0.8.10
  Record route: 10.0.4.14 <self> ...incomplete
Total 2 displayed, Up 1, Down 1

And r5:

(Since the primary LSP is down, so the detour of r5-r4-r7 is removed).

enugadi@M7i# run show mpls lsp logical-router r5 extensive
Ingress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Transit LSP: 1 sessions

10.0.9.7
From: 10.0.6.1, LSPstate: Up, ActiveRoute: 1
LSPname: r1-r7, LSPpath: Primary
Suggested label received: -, Suggested label sent: -
Recovery label received: 101344, Recovery label sent: -
Resv style: 1 FF, Label in: 101344, Label out: 3
Time left:  155, Since: Tue Oct  7 10:36:08 2008
Tspec: rate 0bps size 0bps peak Infbps m 20 M 1500
Port number: sender 4 receiver 30266 protocol 0
Detour branch from 10.0.2.2, to skip 10.0.9.6, Up
Tspec: rate 0bps size 0bps peak Infbps m 20 M 1500
Adspec: received MTU 1500
Path MTU: received 0
PATH rcvfrom: 10.0.2.2 (fe-1/3/1.7) 48 pkts
Adspec: received MTU 1500 sent MTU 1500
PATH sentto: 10.0.8.10 (fe-1/3/0.16) 9 pkts
RESV rcvfrom: 10.0.8.10 (fe-1/3/0.16) 9 pkts
Explct route: 10.0.8.10
Record route: 10.0.4.14 10.0.2.2 <self> 10.0.8.10
Label in: 101344, Label out: 3
Total 1 displayed, Up 1, Down 0

As expected: FRR able to protect the LSP from r1 to r7.

Activate router r6 to make sure that the traffics will flowing back through r6:

enugadi@M7i# activate logical-routers r6 

[edit]
enugadi@M7i# commit
commit complete
enugadi@M7i# run traceroute 10.0.9.7 logical-router r1
traceroute to 10.0.9.7 (10.0.9.7), 30 hops max, 40 byte packets
 1  10.0.4.13 (10.0.4.13)  0.996 ms  0.950 ms  0.878 ms
     MPLS Label=101040 CoS=0 TTL=1 S=1
 2  10.0.2.13 (10.0.2.13)  0.938 ms  0.982 ms  0.949 ms
     MPLS Label=100000 CoS=0 TTL=1 S=1
 3  10.0.8.6 (10.0.8.6)  0.972 ms  0.984 ms  0.985 ms
     MPLS Label=101360 CoS=0 TTL=1 S=1
 4  10.0.9.7 (10.0.9.7)  0.920 ms  0.946 ms  0.929 ms

IP packet flowing back through r6 (10.0.2.13) as expected.

2. Link Protection

In this scenario, I will configure the link protection to guard link between router r5 to r7. When the link on routers r5 and r7 down, traffic will flow through router r4. This test is bit different with FRR test. FRR able to do Node protection, so when protected node going down (in this case is r6), FRR will able to reroute the traffics through another router (r5).

I will not configure link protection to interface between router r3 and r6. The reason is link protection only protect link failure, and so all packets being protected will still flow through router r6. If I protect the link between r3 and r6, and this interface is down, the new path setup is r1-r3-r5-r6-r5-r7. It is not nice in the real network :)

Below is the configuration on r1:

enugadi@M7i# set logical-routers r1 protocols mpls label-switched-path r1-r7 link-protection    

[edit]
enugadi@M7i# delete logical-routers r1 protocols mpls label-switched-path r1-r7 fast-reroute    

[edit]
enugadi@M7i# commit
commit complete

enugadi@M7i# show logical-routers r1 protocols mpls label-switched-path r1-r7
to 10.0.9.7;
bandwidth 20m;
link-protection;
primary aho {
    admin-group include-any blue;
}

Below is the configuration on r5:

enugadi@M7i# show interfaces fe-1/3/0.16
description r5-r7;
vlan-id 16;
family inet {
    address 10.0.8.9/30;
}
family mpls;

[edit logical-routers r5]
enugadi@M7i# set protocols rsvp interface fe-1/3/0.16 link-protection 

enugadi@M7i# show protocols rsvp
interface fe-1/3/0.15 {
    authentication-key "$9$9zdTt0ILX-Vwg"; ## SECRET-DATA
    aggregate;
}
interface fe-1/3/0.16 {
    link-protection;
}
interface fe-1/3/1.7;
interface fe-1/3/1.8;

Verification on r1:

enugadi@M7i# run show mpls lsp logical-router r1 extensive
Ingress LSP: 1 sessions

10.0.9.7
  From: 10.0.6.1, State: Up, ActiveRoute: 1, LSPname: r1-r7
  ActivePath: aho (primary)
  Link protection desired
  LoadBalance: Random
  Encoding type: Packet, Switching type: Packet, GPID: IPv4
 *Primary   aho              State: Up
    Bandwidth: 20Mbps
    SmartOptimizeTimer: 180
          Include Any: blue
    Computed ERO (S [L] denotes strict [loose] hops): (CSPF metric: 400)
 10.0.4.13 S 10.0.2.13 S 10.0.8.6 S 10.0.8.10 S
    Received RRO (ProtectionFlag 1=Available 2=InUse 4=B/W 8=Node 10=SoftPreempt):
          10.0.4.13(Label=101088) 10.0.2.13(Label=100032) 10.0.8.6(Label=101408) 10.0.8.10(Label=3)
    5 Oct  7 11:24:51.248 Selected as active path
    4 Oct  7 11:24:51.248 Record Route:  10.0.4.13(Label=101088) 10.0.2.13(Label=100032) 10.0.8.6(Label=101408) 10.0.8.10(Label=3)
    3 Oct  7 11:24:51.248 Up
    2 Oct  7 11:24:51.187 Originate Call
    1 Oct  7 11:24:51.187 CSPF: computation result accepted  10.0.4.13 10.0.2.13 10.0.8.6 10.0.8.10
  Created: Tue Oct  7 11:24:51 2008
Total 1 displayed, Up 1, Down 0

Verification on r5:

Bypass LSP is generated by R5 to protect the link failed between r5 and r7.

enugadi@M7i# run show rsvp session logical-router r5
Ingress RSVP: 1 sessions
To              From            State   Rt Style Labelin Labelout LSPname
10.0.9.7        10.0.3.5        Up       0  1 SE       -   101552 Bypass->10.0.8.10
Total 1 displayed, Up 1, Down 0

Egress RSVP: 0 sessions
Total 0 displayed, Up 0, Down 0

Transit RSVP: 1 sessions
To              From            State   Rt Style Labelin Labelout LSPname
10.0.9.7        10.0.6.1        Up       1  1 SE  101408        3 r1-r7
Total 1 displayed, Up 1, Down 0
enugadi@M7i# run show rsvp session logical-router r5 detail
Ingress RSVP: 1 sessions

10.0.9.7
  From: 10.0.3.5, LSPstate: Up, ActiveRoute: 0
  LSPname: Bypass->10.0.8.10
  Suggested label received: -, Suggested label sent: -
  Recovery label received: -, Recovery label sent: 101552
  Resv style: 1 SE, Label in: -, Label out: 101552
  Time left:    -, Since: Tue Oct  7 11:29:30 2008
  Tspec: rate 0bps size 0bps peak Infbps m 20 M 1500
  Port number: sender 1 receiver 11567 protocol 0
  Type: Bypass LSP
    Number of data route tunnel through: 1
    Number of RSVP session tunnel through: 0
  PATH rcvfrom: localclient
  Adspec: sent MTU 1500
  Path MTU: received 1500
  PATH sentto: 10.0.2.10 (fe-1/3/1.8) 7 pkts
  RESV rcvfrom: 10.0.2.10 (fe-1/3/1.8) 7 pkts
  Explct route: 10.0.2.10 10.0.2.17 
  Record route: <self> 10.0.2.10 10.0.2.17
Total 1 displayed, Up 1, Down 0

Egress RSVP: 0 sessions
Total 0 displayed, Up 0, Down 0

Transit RSVP: 1 sessions

10.0.9.7
  From: 10.0.6.1, LSPstate: Up, ActiveRoute: 1
  LSPname: r1-r7, LSPpath: Primary
  Suggested label received: -, Suggested label sent: -
  Recovery label received: 101408, Recovery label sent: 3
  Resv style: 1 SE, Label in: 101408, Label out: 3
  Time left:  121, Since: Tue Oct  7 11:24:51 2008
  Tspec: rate 20Mbps size 20Mbps peak Infbps m 20 M 1500
  Port number: sender 1 receiver 30282 protocol 0
  Link protection desired
  Type: Link protected LSP
  PATH rcvfrom: 10.0.8.5 (fe-1/3/0.15) 15 pkts
  Adspec: received MTU 1500 sent MTU 1500
  PATH sentto: 10.0.8.10 (fe-1/3/0.16) 17 pkts
  RESV rcvfrom: 10.0.8.10 (fe-1/3/0.16) 16 pkts
  Explct route: 10.0.8.10
  Record route: 10.0.4.14 10.0.2.14 10.0.8.5 <self> 10.0.8.10
Total 1 displayed, Up 1, Down 0

[edit logical-routers r5]
enugadi@M7i# run show mpls lsp logical-router r5 extensive
Ingress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Transit LSP: 1 sessions

10.0.9.7
  From: 10.0.6.1, LSPstate: Up, ActiveRoute: 1
  LSPname: r1-r7, LSPpath: Primary
  Suggested label received: -, Suggested label sent: -
  Recovery label received: 101408, Recovery label sent: 3
  Resv style: 1 SE, Label in: 101408, Label out: 3
  Time left:  148, Since: Tue Oct  7 11:24:51 2008
  Tspec: rate 20Mbps size 20Mbps peak Infbps m 20 M 1500
  Port number: sender 1 receiver 30282 protocol 0
  Link protection desired
  Type: Link protected LSP, using Bypass->10.0.8.10
      3 Oct  7 11:29:36 Link protection up, using Bypass->10.0.8.10
      2 Oct  7 11:29:30 New bypass Bypass->10.0.8.10
      1 Oct  7 11:28:45 Link protection disabled on outbound interface[8 times]
  PATH rcvfrom: 10.0.8.5 (fe-1/3/0.15) 11 pkts
  Adspec: received MTU 1500 sent MTU 1500
  PATH sentto: 10.0.8.10 (fe-1/3/0.16) 13 pkts
  RESV rcvfrom: 10.0.8.10 (fe-1/3/0.16) 12 pkts
  Explct route: 10.0.8.10
  Record route: 10.0.4.14 10.0.2.14 10.0.8.5 <self> 10.0.8.10
Total 1 displayed, Up 1, Down 0

Verify BYPASS LSP on r4 and r7:

(BYPASS LSP should be in UP state in both of r4 and r7)

enugadi@M7i# run show rsvp session logical-router r4 transit
Transit RSVP: 1 sessions
To              From            State   Rt Style Labelin Labelout LSPname
10.0.9.7        10.0.3.5        Up       1  1 SE  101552        3 Bypass->10.0.8.10
Total 1 displayed, Up 1, Down 0

[edit logical-routers r5]
enugadi@M7i# run show rsvp session logical-router r4 transit extensive
Transit RSVP: 1 sessions

10.0.9.7
  From: 10.0.3.5, LSPstate: Up, ActiveRoute: 1
  LSPname: Bypass->10.0.8.10
  Suggested label received: -, Suggested label sent: -
  Recovery label received: -, Recovery label sent: 3
  Resv style: 1 SE, Label in: 101552, Label out: 3 (As expected)
  Time left:  124, Since: Tue Oct  7 11:29:30 2008
  Tspec: rate 0bps size 0bps peak Infbps m 20 M 1500
  Port number: sender 1 receiver 11567 protocol 0
  PATH rcvfrom: 10.0.2.9 (fe-1/3/0.8) 11 pkts
  Adspec: received MTU 1500 sent MTU 1500
  PATH sentto: 10.0.2.17 (fe-1/3/0.10) 11 pkts
  RESV rcvfrom: 10.0.2.17 (fe-1/3/0.10) 11 pkts
  Explct route: 10.0.2.17
  Record route: 10.0.2.9 <self> 10.0.2.17  
Total 1 displayed, Up 1, Down 0
enugadi@M7i# run show mpls lsp logical-router r7
Ingress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0

Egress LSP: 2 sessions
To              From            State   Rt Style Labelin Labelout LSPname
10.0.9.7        10.0.3.5        Up       0  1 SE       3        - Bypass->10.0.8.10
10.0.9.7        10.0.6.1        Up       0  1 SE       3        - r1-r7
Total 2 displayed, Up 2, Down 0

Verify ICMP packet on r1 before we deactivate interface between r5 to r7:

(traffic flows should be through r6 – 10.0.8.6)

enugadi@M7i# run traceroute 10.0.9.7 logical-router r1
traceroute to 10.0.9.7 (10.0.9.7), 30 hops max, 40 byte packets
 1  10.0.4.13 (10.0.4.13)  1.002 ms  0.930 ms  0.874 ms
     MPLS Label=101088 CoS=0 TTL=1 S=1
 2  10.0.2.13 (10.0.2.13)  0.955 ms  0.960 ms  0.924 ms
     MPLS Label=100032 CoS=0 TTL=1 S=1
 3  10.0.8.6 (10.0.8.6)  0.961 ms  0.984 ms  0.947 ms
     MPLS Label=101408 CoS=0 TTL=1 S=1
 4  10.0.9.7 (10.0.9.7)  3.708 ms  0.959 ms  0.935 ms

Let’s deactivate interface between r5 and r7:

[edit logical-routers r5]
enugadi@M7i# deactivate interfaces fe-1/3/0.16  

[edit logical-routers r5]
enugadi@M7i# show interfaces fe-1/3/0.16
##
## inactive: logical-routers r5 interfaces fe-1/3/0 unit 16
##
description r5-r7;
vlan-id 16;
family inet {
    address 10.0.8.9/30;
}
family mpls;

[edit logical-routers r5]
enugadi@M7i# commit
commit complete

Verify ICMP packet flow:

(ICMP packet must be flow through r4 – 10.0.2.10)

enugadi@M7i# run traceroute 10.0.9.7 logical-router r1
traceroute to 10.0.9.7 (10.0.9.7), 30 hops max, 40 byte packets
 1  10.0.4.13 (10.0.4.13)  1.022 ms  0.925 ms  0.870 ms
     MPLS Label=101088 CoS=0 TTL=1 S=1
 2  10.0.2.13 (10.0.2.13)  0.970 ms  0.962 ms  0.941 ms
     MPLS Label=100032 CoS=0 TTL=1 S=1
 3  10.0.8.6 (10.0.8.6)  0.961 ms  0.982 ms  0.942 ms
     MPLS Label=101408 CoS=0 TTL=1 S=1
 4  10.0.2.10 (10.0.2.10)  0.973 ms  0.977 ms  0.937 ms
     MPLS Label=101552 CoS=0 TTL=1 S=1
 5  10.0.9.7 (10.0.9.7)  0.921 ms  0.947 ms  0.903 ms

enugadi@M7i# run ping 10.0.9.7 logical-router r1 rapid count 1000
PING 10.0.9.7 (10.0.9.7): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - snipped -
552 packets transmitted, 551 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.920/1.123/43.969/2.079 ms

Yes, Its working as expected :)

Lets look on ingress router r1:

enugadi@M7i# run show rsvp session logical-router r1 extensive
Ingress RSVP: 1 sessions

10.0.9.7
  From: 10.0.6.1, LSPstate: Up, ActiveRoute: 1
  LSPname: r1-r7, LSPpath: Primary
  Suggested label received: -, Suggested label sent: -
  Recovery label received: -, Recovery label sent: 101088
  Resv style: 1 SE, Label in: -, Label out: 101088
  Time left:    -, Since: Tue Oct  7 11:24:51 2008
  Tspec: rate 20Mbps size 20Mbps peak Infbps m 20 M 1500
  Port number: sender 1 receiver 30282 protocol 0
  Link protection desired
  Type: Protection down
      1 Oct  7 11:45:08 Link protection disabled on outbound interface[36 times]
  PATH rcvfrom: localclient
  Adspec: sent MTU 1500
  Path MTU: received 1500
  PATH sentto: 10.0.4.13 (fe-1/3/0.1) 34 pkts
  RESV rcvfrom: 10.0.4.13 (fe-1/3/0.1) 35 pkts
  Explct route: 10.0.4.13 10.0.2.13 10.0.8.6 10.0.8.10
  Record route: <self> 10.0.4.13 10.0.2.13 10.0.8.6 10.0.2.17  
Total 1 displayed, Up 1, Down 0

Lets look on egress router r7:

enugadi@M7i# run show rsvp session logical-router r7
Ingress RSVP: 0 sessions
Total 0 displayed, Up 0, Down 0

Egress RSVP: 3 sessions
To              From            State   Rt Style Labelin Labelout LSPname
10.0.9.7        10.0.3.5        Up       0  1 SE       3        - Bypass->10.0.8.10
10.0.9.7        10.0.2.9        Up       0  1 SE       3        - r1-r7
10.0.9.7        10.0.6.1        Up       0  1 SE       3        - r1-r7
Total 3 displayed, Up 3, Down 0

Lets look what does happened on r5:

(Ingress LSP for BYPASS LSP is up, but transit lsp is down, it is as expected).

enugadi@M7i# run show rsvp session logical-router r5
Ingress RSVP: 2 sessions
To              From            State   Rt Style Labelin Labelout LSPname
10.0.9.7        10.0.3.5        Up       1  1 SE       -   101552 Bypass->10.0.8.10
10.0.9.7        10.0.2.9        Up       0  1 SE       -        3 r1-r7
Total 2 displayed, Up 2, Down 0

Egress RSVP: 0 sessions
Total 0 displayed, Up 0, Down 0

Transit RSVP: 1 sessions
To              From            State   Rt Style Labelin Labelout LSPname
10.0.9.7        10.0.6.1        Dn       0  0  -  101408        - r1-r7
Total 1 displayed, Up 0, Down 1

Lets activate the interface between r5 and r7 again and see the packet will flow back to primary LSP:

enugadi@M7i# activate interfaces fe-1/3/0.16 

[edit logical-routers r5]
enugadi@M7i# show interfaces fe-1/3/0.16
description r5-r7;
vlan-id 16;
family inet {
    address 10.0.8.9/30;
}
family mpls;

[edit logical-routers r5]
enugadi@M7i# commit
commit complete

ICMP packet flow back to previous path – 10.0.8.6 :

enugadi@M7i# run traceroute 10.0.9.7 logical-router r1
traceroute to 10.0.9.7 (10.0.9.7), 30 hops max, 40 byte packets
 1  10.0.4.13 (10.0.4.13)  0.992 ms  0.935 ms  0.876 ms
     MPLS Label=101104 CoS=0 TTL=1 S=1
 2  10.0.2.13 (10.0.2.13)  0.937 ms  0.986 ms  0.942 ms
     MPLS Label=100048 CoS=0 TTL=1 S=1
 3  10.0.8.6 (10.0.8.6)  0.955 ms  0.991 ms  0.941 ms
     MPLS Label=101424 CoS=0 TTL=1 S=1
 4  10.0.9.7 (10.0.9.7)  0.904 ms  0.926 ms  0.886 ms

The transit LSP on r5 is in UP state again

enugadi@M7i# run show rsvp session logical-router r5
Ingress RSVP: 1 sessions
To              From            State   Rt Style Labelin Labelout LSPname
10.0.9.7        10.0.3.5        Up       0  1 SE       -   101568 Bypass->10.0.8.10
Total 1 displayed, Up 1, Down 0

Egress RSVP: 0 sessions
Total 0 displayed, Up 0, Down 0

Transit RSVP: 1 sessions
To              From            State   Rt Style Labelin Labelout LSPname
10.0.9.7        10.0.6.1        Up       0  1 SE  101424        3 r1-r7

Base on this experiment, Link-protection able to protect the LSP from faulty interface.

3. Node Link protection

Node link protection is extended version for link protection :)

Node link protect able to protect node failure as FRR can do that. The different to FRR is, Node link protection do “One to many protection” while FRR do “one to one protection.

In this test I will do same scenario as FRR. r3 will protect LSP r1-r7 and so any errors on r6 will not impact to the traffic since the LSP will tranverse through r5.

Below is the configuration on r1:

enugadi@M7i# delete logical-routers r1 protocols mpls label-switched-path r1-r7 link-protection

[edit]
enugadi@M7i# set logical-routers r1 protocols mpls label-switched-path r1-r7 node-link-protection

[edit]
enugadi@M7i# commit
commit complete

configure RSVP link protection on r3 (interface between r3 and r6):

enugadi@M7i# show logical-routers r3 interfaces fe-1/3/0.9
description r3-r6;
vlan-id 9;
family inet {
address 10.0.2.14/30;
}
family mpls;

[edit]
enugadi@M7i# set logical-routers r3 protocols rsvp interface fe-1/3/0.0 link-protection

[edit]
enugadi@M7i# show logical-routers r3 protocols rsvp
interface fe-1/3/0.4;
interface fe-1/3/0.6;
interface fe-1/3/0.7;
interface fe-1/3/0.9 {
link-protection;
}
interface fe-1/3/1.1;
interface fe-1/3/0.0;

[edit]
enugadi@M7i# commit
commit complete

Node-link-protection verification on r1:

enugadi@M7i# run show rsvp session ingress logical-router r1
Ingress RSVP: 1 sessions
To              From            State   Rt Style Labelin Labelout LSPname
10.0.9.7        10.0.6.1        Up       1  1 SE       -   101152 r1-r7
Total 1 displayed, Up 1, Down 0

enugadi@M7i# run show rsvp session ingress logical-router r1 extensive
Ingress RSVP: 1 sessions

10.0.9.7
From: 10.0.6.1, LSPstate: Up, ActiveRoute: 1
LSPname: r1-r7, LSPpath: Primary
Suggested label received: -, Suggested label sent: -
Recovery label received: -, Recovery label sent: 101152
Resv style: 1 SE, Label in: -, Label out: 101152
Time left:    -, Since: Tue Oct  7 12:13:30 2008
Tspec: rate 20Mbps size 20Mbps peak Infbps m 20 M 1500
Port number: sender 1 receiver 30302 protocol 0
Node/Link protection desired
Type: Protection down
1 Oct  7 12:16:45 Link protection disabled on outbound interface[9 times]
PATH rcvfrom: localclient
Adspec: sent MTU 1500
Path MTU: received 1500
PATH sentto: 10.0.4.13 (fe-1/3/0.1) 8 pkts
RESV rcvfrom: 10.0.4.13 (fe-1/3/0.1) 8 pkts
Explct route: 10.0.4.13 10.0.2.13 10.0.8.6 10.0.8.10
Record route: <self> 10.0.4.13 10.0.2.13 10.0.8.6 10.0.8.10
Total 1 displayed, Up 1, Down 0

Node-link-protection verification on r3:

enugadi@M7i# run show rsvp session logical-router r3
Ingress RSVP: 1 sessions
To              From            State   Rt Style Labelin Labelout LSPname
10.0.3.5        10.0.3.3        Up       0  1 SE       -        3 Bypass->10.0.2.13->10.0.8.6
Total 1 displayed, Up 1, Down 0

Egress RSVP: 0 sessions
Total 0 displayed, Up 0, Down 0

Transit RSVP: 1 sessions
To              From            State   Rt Style Labelin Labelout LSPname
10.0.9.7        10.0.6.1        Up       0  1 SE  101152   100016 r1-r7
Total 1 displayed, Up 1, Down 0

enugadi@M7i# run show rsvp session logical-router r3 extensive
Ingress RSVP: 1 sessions

10.0.3.5
From: 10.0.3.3, LSPstate: Up, ActiveRoute: 0
LSPname: Bypass->10.0.2.13->10.0.8.6
Suggested label received: -, Suggested label sent: -
Recovery label received: -, Recovery label sent: 3
Resv style: 1 SE, Label in: -, Label out: 3
Time left:    -, Since: Tue Oct  7 12:13:32 2008
Tspec: rate 0bps size 0bps peak Infbps m 20 M 1500
Port number: sender 1 receiver 38542 protocol 0
Type: Bypass LSP
Number of data route tunnel through: 1
Number of RSVP session tunnel through: 0
PATH rcvfrom: localclient
Adspec: sent MTU 1500
Path MTU: received 1500
PATH sentto: 10.0.2.1 (fe-1/3/0.7) 8 pkts
RESV rcvfrom: 10.0.2.1 (fe-1/3/0.7) 8 pkts
Explct route: 10.0.2.1
Record route: <self> 10.0.2.1
Total 1 displayed, Up 1, Down 0

Egress RSVP: 0 sessions
Total 0 displayed, Up 0, Down 0

Transit RSVP: 1 sessions

10.0.9.7
From: 10.0.6.1, LSPstate: Up, ActiveRoute: 0
LSPname: r1-r7, LSPpath: Primary
Suggested label received: -, Suggested label sent: -
Recovery label received: -, Recovery label sent: 100016
Resv style: 1 SE, Label in: 101152, Label out: 100016
Time left:  135, Since: Tue Oct  7 12:13:30 2008
Tspec: rate 20Mbps size 20Mbps peak Infbps m 20 M 1500
Port number: sender 1 receiver 30302 protocol 0
Node/Link protection desired
Type: Node/Link protected LSP, using Bypass->10.0.2.13->10.0.8.6
2 Oct  7 12:13:33 Node protection up, using Bypass->10.0.2.13->10.0.8.6
1 Oct  7 12:13:30 New bypass Bypass->10.0.2.13->10.0.8.6
PATH rcvfrom: 10.0.4.14 (fe-1/3/1.1) 9 pkts
Adspec: received MTU 1500 sent MTU 1500
PATH sentto: 10.0.2.13 (fe-1/3/0.9) 12 pkts
RESV rcvfrom: 10.0.2.13 (fe-1/3/0.9) 8 pkts
Explct route: 10.0.2.13 10.0.8.6 10.0.8.10
Record route: 10.0.4.14 <self> 10.0.2.13 10.0.8.6 10.0.8.10
Total 1 displayed, Up 1, Down 0

LSP verification on r6:

enugadi@M7i# run show rsvp session logical-router r6 transit
Transit RSVP: 1 sessions
To              From            State   Rt Style Labelin Labelout LSPname
10.0.9.7        10.0.6.1        Up       1  1 SE  100016   101520 r1-r7
Total 1 displayed, Up 1, Down 0

Node-link-protection verification on router r5:

enugadi@M7i# run show rsvp session logical-router r5
Ingress RSVP: 0 sessions
Total 0 displayed, Up 0, Down 0

Egress RSVP: 1 sessions
To              From            State   Rt Style Labelin Labelout LSPname
10.0.3.5        10.0.3.3        Up       0  1 SE       3        – Bypass->10.0.2.13->10.0.8.6
Total 1 displayed, Up 1, Down 0

Transit RSVP: 1 sessions
To              From            State   Rt Style Labelin Labelout LSPname
10.0.9.7        10.0.6.1        Up       1  1 SE  101520        3 r1-r7
Total 1 displayed, Up 1, Down 0

enugadi@M7i# run show rsvp session logical-router r5 extensive
Ingress RSVP: 0 sessions
Total 0 displayed, Up 0, Down 0

Egress RSVP: 1 sessions

10.0.3.5
From: 10.0.3.3, LSPstate: Up, ActiveRoute: 0
LSPname: Bypass->10.0.2.13->10.0.8.6
Suggested label received: -, Suggested label sent: -
Recovery label received: 3, Recovery label sent: -
Resv style: 1 SE, Label in: 3, Label out: -
Time left:  121, Since: Tue Oct  7 12:13:32 2008
Tspec: rate 0bps size 0bps peak Infbps m 20 M 1500
Port number: sender 1 receiver 38542 protocol 0
PATH rcvfrom: 10.0.2.2 (fe-1/3/1.7) 9 pkts
Adspec: received MTU 1500
PATH sentto: localclient
RESV rcvfrom: localclient
Record route: 10.0.2.2 <self>
Total 1 displayed, Up 1, Down 0

Transit RSVP: 1 sessions

10.0.9.7
From: 10.0.6.1, LSPstate: Up, ActiveRoute: 1
LSPname: r1-r7, LSPpath: Primary
Suggested label received: -, Suggested label sent: -
Recovery label received: 101520, Recovery label sent: 3
Resv style: 1 SE, Label in: 101520, Label out: 3
Time left:  119, Since: Tue Oct  7 12:13:30 2008
Tspec: rate 20Mbps size 20Mbps peak Infbps m 20 M 1500
Port number: sender 1 receiver 30302 protocol 0
Node/Link protection desired
Type: Protection down
1 Oct  7 12:18:07 Link protection disabled on outbound interface[9 times]
PATH rcvfrom: 10.0.8.5 (fe-1/3/0.15) 10 pkts
Adspec: received MTU 1500 sent MTU 1500
PATH sentto: 10.0.8.10 (fe-1/3/0.16) 10 pkts
RESV rcvfrom: 10.0.8.10 (fe-1/3/0.16) 10 pkts
Explct route: 10.0.8.10
Record route: 10.0.4.14 10.0.2.14 10.0.8.5 <self> 10.0.8.10
Total 1 displayed, Up 1, Down 0

Node-link-protection verification on r7:

enugadi@M7i# run show rsvp session logical-router r7
Ingress RSVP: 0 sessions
Total 0 displayed, Up 0, Down 0

Egress RSVP: 1 sessions
To              From            State   Rt Style Labelin Labelout LSPname
10.0.9.7        10.0.6.1        Up       0  1 SE       3        – r1-r7
Total 1 displayed, Up 1, Down 0

Transit RSVP: 0 sessions
Total 0 displayed, Up 0, Down 0

Traffic verification on r1 before deactivate router r6:

(traffic must flow through r6 – 10.0.2.13)

enugadi@M7i# run traceroute 10.0.9.7 logical-router r1
traceroute to 10.0.9.7 (10.0.9.7), 30 hops max, 40 byte packets
1  10.0.4.13 (10.0.4.13)  0.988 ms  1.061 ms  0.885 ms
MPLS Label=101152 CoS=0 TTL=1 S=1
2  10.0.2.13 (10.0.2.13)  0.933 ms  0.984 ms  0.921 ms
MPLS Label=100016 CoS=0 TTL=1 S=1
3  10.0.8.6 (10.0.8.6)  0.954 ms  0.978 ms  0.949 ms
MPLS Label=101520 CoS=0 TTL=1 S=1
4  10.0.9.7 (10.0.9.7)  0.902 ms  0.929 ms  0.898 ms

Deactivate router r6:

To be continued…… I’m sleepy :(

September 23, 2008

Multicast PIM-SSM (Source-Specific Multicast)

Filed under: Technical section — Tags: — adisubrata @ 12:12 AM

SSM indentifies traffic by both source and group address. Since the host already knows the S and G, RP will not need again. In order to support SSM, IGMPv3 should be used for all hosts facing interface. However, there is mechanism to map IGMPv2 and IGMPv1 to IGMPv3. Since my receiver in this lab is windows XP, I will use IGMP mapping from v2 to v3. As usual you can download the original configuration at the end of this post.

SSM group multicast address is limited to the IP address range from 232.0.0.0 to 232.255.255.255 and so I will configure SSM source address in this lab to 232.0.0.1 and 232.0.0.2.

After starting the multicast stream, there are two multicast stream flow to R1.

enugadi@M7i# run show pim join logical-router r1
Instance: PIM.master Family: INET

Group: 232.0.0.1
    Source: 10.0.5.200
    Flags: sparse,spt
    Upstream interface: fe-1/3/0.0            

Group: 232.0.0.2
    Source: 10.0.5.200
    Flags: sparse,spt
    Upstream interface: fe-1/3/0.0            

Group: 239.255.255.250
    Source: *
    RP: None
    Flags: sparse,rptree,wildcard
    Upstream interface: unknown (no route)

Instance: PIM.master Family: INET6

enugadi@M7i# run show multicast route logical-router r1 detail
Family: INET

Group: 232.0.0.1
    Source: 10.0.5.200/32
    Upstream interface: fe-1/3/0.0
    Session description: Source specific multicast
    Statistics: 133 kBps, 98 pps, 250856 packets
    Next-hop ID: 0
    Upstream protocol: PIM

Group: 232.0.0.2
    Source: 10.0.5.200/32
    Upstream interface: fe-1/3/0.0
    Session description: Source specific multicast
    Statistics: 78 kBps, 57 pps, 195151 packets
    Next-hop ID: 0
    Upstream protocol: PIM

Family: INET6

Let’s send IGMP host messages from receiver and check (S,G join) on R5, R3, and R1.

R5:

Sep 23 00:00:39.774356 PIM ge-0/0/1.7 SENT 10.0.2.1 -> 224.0.0.13 V2 JoinPrune to 10.0.2.2 holdtime 210 groups 1 sum 0xd11f len 34
Sep 23 00:00:39.774455 group 232.0.0.1 joins 1 prunes 0
Sep 23 00:00:39.774552   join list:
Sep 23 00:00:39.774602     source 10.0.5.200 flags sparse

R3:

Sep 23 00:00:39.794513 PIM ge-0/0/1.1 SENT 10.0.4.13 -> 224.0.0.13 V2 JoinPrune to 10.0.4.14 holdtime 210 groups 1 sum 0xcf13 len 34
Sep 23 00:00:39.794610 group 232.0.0.1 joins 1 prunes 0
Sep 23 00:00:39.794642   join list:
Sep 23 00:00:39.794685     source 10.0.5.200 flags sparse

R1:

Sep 23 00:01:39.835709 PIM ge-0/0/0.1 RECV 10.0.4.13 -> 224.0.0.13 V2 JoinPrune to 10.0.4.14 holdtime 210 groups 1 sum 0xcf13 len 34
Sep 23 00:01:39.835832 group 232.0.0.1 joins 1 prunes 0
Sep 23 00:01:39.835866   join list:
Sep 23 00:01:39.835907     source 10.0.5.200 flags sparse

Multicast receiver already receives multicast traffic from R1:

Let’s verify the multicast usages on R5, R3 and R1:

enugadi@M7i# run show multicast route logical-router r1 extensive
Family: INET

Group: 232.0.0.1
    Source: 10.0.5.200/32
    Upstream interface: fe-1/3/0.0
    Downstream interface list:
        ge-0/0/0.1
    Session description: Source specific multicast
    Statistics: 132 kBps, 97 pps, 279397 packets
    Next-hop ID: 262144
    Upstream protocol: PIM
    Route state: Active
    Forwarding state: Forwarding
    Cache lifetime/timeout: 360 seconds
    Wrong incoming interface notifications: 0

Group: 232.0.0.2
    Source: 10.0.5.200/32
    Upstream interface: fe-1/3/0.0
    Session description: Source specific multicast
    Statistics: 85 kBps, 63 pps, 223572 packets
    Next-hop ID: 0
    Upstream protocol: PIM
    Route state: Active
    Forwarding state: Pruned
    Cache lifetime/timeout: 360 seconds
    Wrong incoming interface notifications: 0

Family: INET6

[edit]
enugadi@M7i# run show multicast route logical-router r3 extensive
Family: INET

Group: 232.0.0.1
    Source: 10.0.5.200/32
    Upstream interface: ge-0/0/1.1
    Downstream interface list:
        ge-0/0/0.7
    Session description: Source specific multicast
    Statistics: 155 kBps, 114 pps, 20163 packets
    Next-hop ID: 262143
    Upstream protocol: PIM
    Route state: Active
    Forwarding state: Forwarding
    Cache lifetime/timeout: 360 seconds
    Wrong incoming interface notifications: 0

Family: INET6

[edit]
enugadi@M7i# run show multicast route logical-router r5 extensive
Family: INET

Group: 232.0.0.1
    Source: 10.0.5.200/32
    Upstream interface: ge-0/0/1.7
    Downstream interface list:
        fe-1/3/1.0
    Session description: Source specific multicast
    Statistics: 138 kBps, 102 pps, 20675 packets
    Next-hop ID: 262142
    Upstream protocol: PIM
    Route state: Active
    Forwarding state: Forwarding
    Cache lifetime/timeout: 360 seconds
    Wrong incoming interface notifications: 0

Family: INET6

So multicast work as expected.

Below is the SSM mapping configuration on R5:

enugadi@M7i# show logical-routers r5 policy-options policy-statement ssm-policy
term 1 {
    from {
        route-filter 232.0.0.1/32 exact;
        route-filter 232.0.0.2/32 exact;
    }
    then accept;
}

[edit]
enugadi@M7i# show logical-routers r5 routing-options
autonomous-system 65412;
multicast {
    ssm-map ssm-mapping {
        policy ssm-policy;
        source 10.0.5.200;
    }
}

[edit]
enugadi@M7i# show logical-routers r5 protocols igmp
traceoptions {
    file debug-igmp;
    flag leave detail;
    flag report detail;
    flag query detail;
}
interface fe-1/3/1.0 {
    ssm-map ssm-mapping;
}

pim-ssm-config

Older Posts »

Blog at WordPress.com.